Add guidance of where the use of userinfo endpoint is optimal.
Issue #1217
resolved
The following issue was raised during a discussion at OIDF-Japan WG.
Some kind of guidance over which method should be chosen to transport verified claims - ID token of userinfo - will be appreciated.
There are some IdPs in Japan already providing KYC services, and most of them are using separate API endpoints to transfer claims, not through ID tokens.
It is because they don’t usually charge money for authentication but do charge for KYC. If they transfer the claims through ID tokens, the KYC transactions will be mixed with authentication transactions, and thus it will be difficult to count and charge.
Therefore, we want a clause in the spec recommending the use of userinfo endpoint for the use case described above.
And for the same reason (to count API usage,) the use of “txn” should be recommended as well.
Comments (2)
-
reporter
-
- changed status to resolved
Discussion of this question was undertaken at WG meeting.
There is customisation needed to enable billing per returned claim and there is no strong drive to choose either ID Token or userinfo endpoint
- Log in to comment
In a further discussion within OIDF-J, it was pointed out that Distributed Claims should be used for the use case above.
I would like to know how other IdPs are dealing with this issue. (how to charge RP)